I have setup a lab with Windows Server 2008 R2 and i am currently testing the features of windows NPS.

Now i have started by perfomring the actions to create DHCP system Health checks on the workstations.

In essence they need to have a firewall and the anti-virus enabled to get a DHCP address and on the lan.

Now i followed the procedures and setyp the SHV's and everything seems to work fine apart from the fact my Windows 7 machines keep failing the SVH. I even changed it so it was Firewall only, which is definately on and the machines keeping getting issued with a probationary IP address.

My issues were ...
1) Had not set the 'EAP Quarantine Enforcement Client' to enabled in the GPO
2) Had not set 'Override network policy authentication settings' in the authentication setting of the connection request policy.

Now my clients are connecting and getting listed as Full Access in DHCP, now i just need to get the non-compliant machines to use a seperate scope on my DHCP.